On Tue, 15 Oct 2024 15:52:13 GMT, David M. Lloyd <d...@openjdk.org> wrote:
>> OK
>
> While I disagree with this change on the principle of "the system should
> operate as if no security manager were installed", the workaround for callers
> is actually rather simple:
>
>
> if (System.getSecurityManager() != null) {
> foo.checkAccess();
> }
>
>
> I assume the justification for having these methods throw is consistency with
> the `check*` methods defined on `SecurityManager`. I agree that those methods
> should throw, because nobody should be handling instances of
> `SecurityManager` after this change. However, having other `checkAccess`
> methods throw (as opposed to being a no-op, as they would behave previously
> when no security manager is installed) doesn't really fulfill this spirit in
> my opinion.
>
> But since the workaround is so simple, it doesn't really matter. It would be
> different if we (library authors) would have to resort to MR JARs for
> example, but that is not the case.
While making `LogManager.checkAccess` be a no-op might be more convenient, it
could unconditionally
permit operations that formerly required a permission check: clearly a bad
idea. Always throwing a `SecurityException` is the safest option.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/21498#discussion_r1801518838
